|
Computer Science 322
Operating Systems
Mount Holyoke College
Spring 2008
|
|
Lecture 31: RAID; Protection and Security
Date: Wednesday, April 30, 2008
- Announcements
- Regular class meetings continue Friday and Monday
- Course evaluations Monday
- Final project presentations/demos Monday evening, 6:30, Kendade 303
- Lecture assignment recap
- RAID - a better description is on
Wikipedia
- Mostly skipping: Hierarchical Storage
- basic idea: use tapes or other large/cheap/removeable media
as "swap space"
- just another level of the memory hierarchy, really
- Protection
- A main function of the OS: ensure that each object (hardware
or software) is accessed correctly and only by those allowed
access
- memory protection
- file protection
- CPU protection
- Protection domains: a set of access rights to objects
- Processes execute in a domain, rights determined by this
domain
- Unix: domain is defined by UID and GID
- process can change UID/GID
- superuser (UID=0) can become any other UID/GID
- regular users must run setuid/setgid programs
- Other protection mechanisms are described in SG&G and we
will not discuss in any detail in class
- protection matrix
- access control lists
- capabilities
- Other interesting ideas from Unix: chroot and jails
Our last lecture assignment.
Due at the start of class, Friday, May 2.
Turn in short answers to these questions. Please turn in a hard
copy (typeset or handwritten are OK). We will discuss these questions
during class, so no late submissions are accepted.
SG&G 12.8, 12.9